How do I get an authorization token for API?
Guide to access Opendatahub Tourism as an authorized user.
Opendatahub uses OAuth 2.0 authentication. The authentication server is Keycloak, an open-source identity and access management solution. The authentication server issues tokens with a limited validity:
access_token has a validity of 300 seconds
refresh_token has a validity of 7200 seconds
The Opendatahub Tourism API returns additional data if a request is authorized. That means certain data/operations are only available with a valid access token. The API always responds with HTTP 200, even if a token has expired; the additional data is simply not returned anymore.
The access_token has to be added to each request as an Authorization header (Authorization: Bearer 'token').
The endpoint to retrieve the token is https://auth.opendatahub.com/auth/realms/noi/protocol/openid-connect/token
The scope to pass is openid
Currently Opendatahub Tourism supports the following OAuth grant types:
Used for Machine2Machine communication.
grant_type=client_credentials, client_id, client_secret and scope have to be passed.
Of course you should have a valid client_id/client_secret from the Opendatahub Support.
Used for User Access.
grant_type=password, username, password, client_id, client_secret and scope have to be passed.
Of course you should have a valid username/password/client_id/client_secret from the Opendatahub Support.
Used to retrieve an access_token with the longer valid refresh_token.
grant_type=refresh_token, refresh_token, client_id, client_secret and scope have to be passed.
Of course you should have a valid client_id/client_secret from the Opendatahub Support and a valid refresh token from a request you made before.
There are several ways to access the data with the authorization token:
Retrieve the token with an OAuth-conformant request to Keycloak and add it to the request headers in your code.
Many frameworks allow adding OAuth 2.0 support through libraries or configuration.
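Because an expired token still yields HTTP 200, a client cannot wait for a 401 to trigger renewal and has to track token lifetimes itself. The following is an added example, not code from the Open Data Hub project: a hypothetical TokenManager using the client_credentials and refresh_token grants described above, assuming the token response carries Keycloak's expires_in and refresh_expires_in fields and an assumed 30-second safety margin.

```python
import json
import time
import urllib.parse
import urllib.request

TOKEN_URL = "https://auth.opendatahub.com/auth/realms/noi/protocol/openid-connect/token"

def http_post_form(url, fields):
    """POST form-encoded fields and return the parsed JSON body."""
    req = urllib.request.Request(url, data=urllib.parse.urlencode(fields).encode(),
                                 headers={"Accept": "application/json"})
    with urllib.request.urlopen(req, timeout=10) as resp:
        return json.load(resp)

class TokenManager:
    """Hypothetical helper: renews tokens by local expiry, never by waiting for a 401."""
    SKEW = 30  # assumption: renew this many seconds before the stated expiry

    def __init__(self, client_id, client_secret, post=http_post_form, clock=time.monotonic):
        self.creds = {"client_id": client_id, "client_secret": client_secret, "scope": "openid"}
        self.post, self.clock = post, clock
        self.access = self.refresh = None
        self.access_exp = self.refresh_exp = 0.0

    def _store(self, body):
        now = self.clock()
        self.access = body["access_token"]
        self.access_exp = now + body.get("expires_in", 300) - self.SKEW
        self.refresh = body.get("refresh_token")  # may be absent for some grants
        self.refresh_exp = now + body.get("refresh_expires_in", 0) - self.SKEW

    def token(self):
        now = self.clock()
        if self.access and now < self.access_exp:
            return self.access  # still valid, no round trip
        if self.refresh and now < self.refresh_exp:
            grant = {"grant_type": "refresh_token", "refresh_token": self.refresh}
        else:
            grant = {"grant_type": "client_credentials"}  # full re-authentication
        self._store(self.post(TOKEN_URL, {**grant, **self.creds}))
        return self.access

    def auth_header(self):
        return {"Authorization": "Bearer " + self.token()}
```

Call auth_header() before every request and merge the result into the request headers; the post and clock parameters exist so the logic can be exercised without network access.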
Go to swagger -> Click "Authorize" -> Fill in all your credentials and Login -> Close Popup -> Click "Try it out" and do your requests.
The Bearer token is added automatically. But be careful: if the token expires, a re-login is needed. (No 401 is returned; the additional data is simply not returned anymore, as mentioned above.)
Get the Token example:
curl -d "grant_type=password&username=USERNAME&password=PASSWORD&client_id=CLIENT_ID&client_secret=CLIENT_SECRET" -X POST -H 'Accept: application/json' -H 'Content-Type: application/x-www-form-urlencoded' ENDPOINTURL
Example of using the token when retrieving data from ODH:
curl -H 'Authorization: Bearer BEARERTOKEN' -X GET ODHURL
Use the "Authorization" Tab on Postman. Set "Type" to "Oauth 2.0". Choose the right grant_type and fill in all credentials.
Try "Get new Access Token" and if a valid Token is retrieved, "Use Token" will add the token to the header.
As with Swagger, if the token has become invalid, renew it with "Get new Access Token". (No 401 is returned; the additional data is simply not returned anymore, as mentioned above.)
This wiki contains additional information about the Open Data Hub alongside the Open Data Hub - Official Documentation.